Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/mxjLenIfSPpU0OJC03sUBWtWdUE.roa
File: mxjLenIfSPpU0OJC03sUBWtWdUE.roa (raw, json)
Hash identifier: +kx2zc2gsJ9kPf5dcqNa/WEvMTZShOwckLunENWvKMQ=
Subject key identifier: 9B:18:CB:7A:72:1F:48:FA:54:D0:E2:42:D3:7B:14:05:6B:56:75:41
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1518
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/mxjLenIfSPpU0OJC03sUBWtWdUE.roa
Signing time: Tue 11 Feb 2025 23:44:19 +0000
ROA not before: Tue 11 Feb 2025 23:44:19 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 118.160.0.0/13 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5400 (0x1518)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:19 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9B18CB7A721F48FA54D0E242D37B14056B567541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6a:95:9f:be:1d:92:1e:87:f3:69:2e:94:79:
f4:53:69:19:0e:24:b2:4a:e1:d8:4f:a1:ba:fa:a1:
92:ec:b8:ed:37:b5:e9:b5:8f:ab:30:d2:b4:1a:95:
cf:68:ef:03:95:23:1a:77:42:58:ea:25:be:4a:d1:
06:d9:1e:1e:96:9d:72:53:72:92:f7:3f:7d:db:a7:
72:bf:30:ba:97:f3:2b:06:79:58:a3:af:d7:3a:ac:
8c:65:ad:8c:22:e4:c2:02:ff:73:e7:b8:84:8b:11:
4d:bd:f2:d4:02:ff:3a:c2:7d:31:8b:f1:59:3f:64:
29:94:7a:aa:85:d4:b8:a0:c1:0d:4e:0a:10:f3:2f:
8d:09:dd:b6:c3:7a:8d:8f:70:e9:fa:f8:2c:d8:0a:
5c:d2:a9:33:bf:69:46:b9:70:31:dd:e3:ae:f3:b4:
b4:2c:7e:b3:1a:51:36:bd:3c:bb:07:a0:66:66:10:
c4:e6:6e:97:df:1f:18:10:a0:45:74:c0:ce:32:b1:
96:db:8a:15:78:66:17:6a:17:b7:1f:82:6c:82:40:
03:62:24:59:1f:0d:04:38:38:92:b3:7f:57:5c:7c:
09:e3:fc:a8:93:62:ae:a4:dc:8f:b1:85:a1:ac:22:
6e:6e:d0:ca:60:4c:9d:9c:c4:55:65:01:74:de:14:
4b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:18:CB:7A:72:1F:48:FA:54:D0:E2:42:D3:7B:14:05:6B:56:75:41
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/mxjLenIfSPpU0OJC03sUBWtWdUE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.160.0.0/13
Signature Algorithm: sha256WithRSAEncryption
5c:c3:4d:4c:1c:4f:7f:6b:86:93:8f:6f:7a:0a:c7:f9:5b:15:
5b:f8:65:73:c8:32:cb:e4:7d:b3:74:93:e4:7b:e6:65:32:d6:
d5:cd:01:aa:4c:80:e0:23:3b:2e:05:0e:49:6b:cc:cf:f3:0f:
0e:fe:ee:74:27:ad:25:fa:d4:fa:3d:e5:f8:ca:a0:f4:39:ff:
ab:92:78:75:91:8a:6c:f6:08:5d:56:d9:5a:43:33:64:2b:6d:
42:3f:7c:1c:bb:6c:02:00:fc:cb:e8:5f:24:a8:b6:94:2a:96:
cb:dd:6e:24:f9:53:a1:77:40:36:c9:b1:9b:8e:73:9c:da:bf:
69:df:64:ff:7b:6c:91:bc:2a:20:e4:66:dd:54:83:98:45:4e:
8a:58:ea:4f:51:fd:f6:d2:f8:51:9c:4d:8f:79:9c:82:c5:27:
a0:4a:87:62:fd:76:10:b5:3f:ad:ea:35:d2:be:8e:42:3d:8e:
18:33:71:ab:bf:28:38:c9:5a:98:69:e4:b8:0c:0b:da:98:20:
7e:5e:0a:63:62:ba:93:9b:3e:2a:4c:39:96:4e:45:26:b5:7c:
7c:f8:6a:82:36:54:b7:02:0a:f2:b0:04:cf:11:8e:74:dd:88:
1f:ce:87:55:80:8b:f9:93:61:b2:c1:da:e6:ae:d7:89:ed:aa:
42:6b:ea:70
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFRgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlCMThDQjdBNzIxRjQ4
RkE1NEQwRTI0MkQzN0IxNDA1NkI1Njc1NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKapWfvh2SHofzaS6UefRTaRkOJLJK4dhPobr6oZLsuO03tem1
j6sw0rQalc9o7wOVIxp3QljqJb5K0QbZHh6WnXJTcpL3P33bp3K/MLqX8ysGeVij
r9c6rIxlrYwi5MIC/3PnuISLEU298tQC/zrCfTGL8Vk/ZCmUeqqF1LigwQ1OChDz
L40J3bbDeo2PcOn6+CzYClzSqTO/aUa5cDHd467ztLQsfrMaUTa9PLsHoGZmEMTm
bpffHxgQoEV0wM4ysZbbihV4ZhdqF7cfgmyCQANiJFkfDQQ4OJKzf1dcfAnj/KiT
Yq6k3I+xhaGsIm5u0MpgTJ2cxFVlAXTeFEtLAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUmxjLenIfSPpU0OJC03sUBWtWdUEwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9teGpMZW5JZlNQcFUwT0pDMDNz
VUJXdFdkVUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMDdqAw
DQYJKoZIhvcNAQELBQADggEBAFzDTUwcT39rhpOPb3oKx/lbFVv4ZXPIMsvkfbN0
k+R75mUy1tXNAapMgOAjOy4FDklrzM/zDw7+7nQnrSX61Po95fjKoPQ5/6uSeHWR
imz2CF1W2VpDM2QrbUI/fBy7bAIA/MvoXySotpQqlsvdbiT5U6F3QDbJsZuOc5za
v2nfZP97bJG8KiDkZt1Ug5hFTopY6k9R/fbS+FGcTY95nILFJ6BKh2L9dhC1P63q
NdK+jkI9jhgzcau/KDjJWphp5LgMC9qYIH5eCmNiupObPipMOZZORSa1fHz4aoI2
VLcCCvKwBM8RjnTdiB/Oh1WAi/mTYbLB2uau14ntqkJr6nA=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:21:55 2025 by rpki-client